A Measured Approach

A Measured Approach

The Sheer Importance of Securing Banks Requires a Multifaceted, Proactive Approach

  • By Bill Wayland
  • Feb 01, 2020

The threat landscape continues to evolve for every business. But banks and financial services companies face especially urgent demands – from aging infrastructure, outdated technologies, and the skyrocketing cost of brick and mortar locations, to cyber-attacks, fraud and changing federal and state regulations. Adding to these challenges is a shift in how consumers want to interact with their bank today and the need for financial institutions to differentiate their organizations. The obstacles may seem daunting, if not completely overwhelming, at times.

A logical first step to better understand how these risks may affect your business is to conduct a thorough risk assessment. This risk assessment can help pave the way to help ensure your assets are protected while also helping improve your client’s interaction, satisfaction and overall customer experience.

Aging Infrastructure and Outdated Technologies

Looming large on the horizon is the fast-approaching sunsetting of Microsoft Windows 7. Most, if not all ATMs are built on the Windows 7 platform and come January 2020, organizations that have not already upgraded or secured a service contract to upgrade at a future time, could face potentially serious risks.

After January, Microsoft will no longer support Windows 7, including issuing future security patches, security updates, nonsecurity hotfixes, free or paid support options or online technical content updates supported by Microsoft. For those financial institutions that will continue to run Windows 7 on their ATMs, they have the option of purchasing an Extended Security Update (ESU) that will provide support through January 2021.

The ESU program will include security updates deemed “critical” or “important” for the ATMs. Without purchasing an ESU for ATMs or upgrading to Windows 10, organizations that experience a breach to their networks after that time could be liable for any losses the consumer may experience.

The upgrade requires a new “PC core” and a software upgrade, but financial institutions may want to consider taking that a step further to include third-party monitoring and servicing of the ATM. With internal IT and security resources stretched thin, outsourcing the service, maintenance and monitoring of ATMs to a Managed Service Provider (MSP) may make sense for some organizations.

These services can help to ensure that the latest security patches are installed as they become available. Real-time monitoring for trouble signals can help avoid downed machines and the lost revenue that could result, and can also potentially send an alert when an illegal act such as tampering, installing skimming devices or even jackpotting incidents occur.

of your current security and life safety solutions? Chances are, if your current solutions have been in place for more than five years, they are outdated and less effective at protecting against today’s threat landscape. Do you still have wired or analog cameras watching your facilities or outdated access control solutions that still rely on easily duplicated magnetic stripe cards?

These may be areas of concern to prioritize new solutions. As cyber threats continue to increase, implementing a remotelymonitored, security-only network may also be an option to add as an extra layer of separation between your business-critical data and the security products that may reside on your main network.

While completely swapping out your existing technologies or adding a new network are probably not economically feasible improvements to tackle all at once, working with a qualified security integrator can help you to design a roadmap and budget for future enhancements.

Bigger No Longer Means Better

Until the financial crisis in 2007, a retail bank’s total share of deposits was tightly linked to the size of its branch network. Over the past decade, this relationship between deposit growth and branch density has weakened. Deposits at the 25 largest US retail banks have doubled over the past decade, while their combined branch footprint shrank by 15 percent over the same period.

However, a recent study conducted by Value Partners and Fiserv, US Bank reported that while 60 percent of traditional transactions, like deposits, are digital – 80 percent of sales activities still occur at the branch, making an argument that both channels are still viable options for today’s consumer.

A contributing factor when deciding the best channel to serve a customer may lie, in part, on the cost. A 2012 study published in the Wall Street Journal reported that each in-person interaction with a bank teller costs the business $4, compared with $0.17 for digital financial transactions and $0.70 for ATM.

So, it seems the answer may lie somewhere in between brick and mortar locations and mobile or online activity, or maybe a combination of both with Interactive Teller Machines (ITMs) or a “Branch in a Box” approach. While certainly not the solution for every bank, these are becoming more viable options in lieu of expensive new branch construction, by still providing access to additional remote locations and expanding access to tellers.

When considering future growth strategies for your operations, ITMs may play an important role in your planning. Join forces with an organization that not only has a dedicated team with hands-on experience implementing ATM technologies and newer ITM solutions, but has the capability to bring all your fire, life safety and security systems together.

Giving and Getting Customer Service Excellence

Standing out in a crowded competitive environment is hard to do as more banks and financial service organizations merge and the industry consolidates down. As discussed earlier, catering to the fickle demands of today’s varied consumer can be tricky, from the digital millennial to the traditionalist who wants human interaction at the brick and mortar location.

They all have one thing in common: The expectation that they deserve and will receive the highest level of customer service. As part of their customer experience, they expect the ATM they visit to be up and running, the branch they visit safe and secure and the mobile app experience to be streamlined and flawless.

To help you meet the increasing demands your customers place on your organization for an exceptional customer experience and perhaps give you a little competitive edge, you should ensure that your technology is fully functional and available to the public. Here are a few tips when selecting or dealing with a systems integrator to help you meet your customers’ expectations.

First, select a systems integrator that is experienced in serving the banking and financial services community and is up-to-date on the changing rules and regulations that govern the industry. An organization that has dedicated team members calling on the market segment is ideal.

1. When engaging the systems integrator, identify and agree upon service protocols in advance such as response and dispatch times. Does your provider have a monitoring best practices procedure in place?

2. Develop a team approach to meeting your security and operational needs with your systems integrator. The team should include sales, project management, service and operations to work hand-in-hand to keep everyone abreast of job status.

3. Apply a consultative approach with your provider, where they keep you informed on the latest technologies on the market and how they could potentially enhance your security portfolio.

4. Look for a systems integrator that goes beyond selling and installing hardware in your facility. Your provider should be a true partner in the ongoing performance of your solutions by offering preventative maintenance, inspection and testing services. Some integrators can even monitor and service ATM systems for situations such as low printer paper.

When moving to ITM solutions, employing a partner that can address the network and video components of these systems is critical to customer satisfaction. Working with a trusted professional partner can help give you a competitive edge in the crowded financial services market by helping to identify risk at your facilities and offering insight on the right solutions. They can also provide those additional services to help ensure that the cash handling side of your business is running at peak performance.

A reliable integrator can offer professional installation, maintenance, monitoring and testing to ensure systems are up to code, all while making sure your tried-and-true life safety systems can work with new innovations and advanced technologies.

This article originally appeared in the January / February 2020 issue of Security Today.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

Most   Popular

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.